<?
include(UC_DIR.'Member.ctp');
?>
<?

 /*?>include("./includes/mail_config.php");
$act= isset($_GET["act"])?$_GET["act"]:'';

switch($act){
	case "log_out":	
		Logout();,
		break;	

	case "sm":
		Login();
		break;
	
	case "forgot":
		$tpl = 'forgot';
		break;
	
	case 'forgotsm':
		ForgotPass();
		$tpl = 'resetpass';
		break;
	
	case 'resetpass':
		ResetPass();
		$tpl = 'resetpass';
		break;
	
	default:
		$tpl="log_in";
		break;
}

function Logout2(){
	unset($_SESSION["store_login"]);
	unset($_SESSION["member_username"]);
	$msg = "Log Out";             
	$page = "index.php";             
	page_transfer($msg,$page);
}

function Login2(){
	global $db;
	if(!isset($_SESSION['counter_login'])){
		$_SESSION['counter_login'] = 0;
	}
	if(!empty($_POST['security_code']) && $_POST['security_code'] == $_SESSION['security_code']){
		$username     = isset($_POST["email"])     ? $_POST["email"]     : '';
		$password     = isset($_POST["password"])     ? $_POST["password"]     : '';
		//-------------------------------------------------
		$sql_select = "select * from member where email='$email' ";
		$result=$db->getRow($sql_select);
		if(!$result)
		{
			$_SESSION['counter_login']++;
			$msg = "User not exist";
			$page = "index.php?do=login&error=1";
			page_transfer($msg,$page);
		}
		if(md5($password)!=$result["password"])
		{
			$_SESSION['counter_login']++;
			$msg = "Password invalid";
			$page = "index.php?do=login&error=1";
			page_transfer($msg,$page);
		}
		if(empty($_SESSION["store_login"]))
		{
			$_SESSION["store_login"]    = "store_logined";
			$_SESSION["member_username"]    = $username;
			$_SESSION['group_user'] = $result['group'];
			$msg = "Login x successfully!";
			$page = "index.php";
			page_transfer($msg,$page);
		}
	}
	else{
		$_SESSION['counter_login']++;
		$msg = "Security code wrong";
		$page = "index.php?do=login&error=1";
		page_transfer($msg,$page);
	}
}
function ForgotPass2()
{
	global $db,$act, $msg, $mail, $FullUrl;
	$msg="Email không tồn tại!";
	$sql = "select * from member where email='" . $_POST["email"] . "'";
	$r = $db->getRow($sql);
	if($r){
		$body = file_get_contents('EmailTemplate/forgot_password.html');
		$body = eregi_replace("[\]",'',$body);
		
		$link = $FullUrl . "index.php?do=login&act=resetpass&email=" . $r['email'] . "&password=" . $r['password'];
		
		$body = str_replace('[LINK]', $link, $body);
		$mail->Subject    = "Forgot password admin";
		$mail->MsgHTML($body);
		$mail->AddAddress( $_POST["email"], "Ho Tro");
		$mail->Send();
		$msg='Email đã gửi đến bạn. Mời check mail để reset password!';
	}
}
function ResetPass2()
{
	global $db,$act, $msg, $new_pass;
	$msg="Tài khoản này không tồn tại";
	$sql = "select * from member where email='" . $_GET["email"] . "'";
	$r = $db->getRow($sql);
	if($r){
		if($r['password'] == $_GET['password']){
			
			$new_pass = time();
			$arr = array();
			$arr['password'] = md5($new_pass);
			vaUpdate('member',$arr, "email='" . $_GET["email"] . "'");
			
			$msg = "Xin chào <strong>" . $r['username'] . "</strong> <br />Password mới của bạn là: <strong>$new_pass</strong> <br /> Bạn hãy đổi password ngay sau khi đăng nhập";
		}
	}
}<?php */?>


